Thursday, April 14, 2011

Even Your Firewall Sucks!

If there was one device on your network that you would think you could trust....think again! The exploit used to fool your firewall into appearing trusted is called the "TCP Split Handshake". Apparently this flaw has been around for years, but is only now getting the attention that it deserves. An NSS Labs report says, "Five of the six products allowed external attackers to bypass the firewall and become an internal 'trusted machine.'" The only firewall tested by NSS labs that didn't was the Check Point one. No wonder I can't keep anyone out of my network...